skogai-argc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes examples of dynamic choice functions that call external public sources (e.g., _choice_repos() using gh repo list skogai to fetch GitHub repository names) which are untrusted, user-generated content that argc captures from stdout and uses for validation/choices, thereby exposing the agent to third-party content that could enable indirect prompt injection.